Credit cards, debit cards, prepaid cards and membership cards have become a widespread means of cashless payment. However, there is the danger of a fraudulent use of these payment cards and it is very troublesome for both the customer and the issuer of the card to ensure that the card cannot be misused.
The use of payment cards also bears the problem that personal data of the card holder and especially security elements, such as passwords, have to be transferred to a payment terminal of the payee. In state of the art payment systems as used, for instance, in supermarkets and various shops, personal data, such as the bank account number/payment card number, the bank code number, the name and address of the customer etc, may be read from the payment card and be transferred to the reading device of the owner of a shop. The transferred personal data may be used by the shop owner for initiating a payment transaction by sending a corresponding request to a server of the financial service provider. The transfer of personal data from a customer's payment card to the terminal of the payee is a security risk.
To overcome the problems related to the direct use of payment cards, some payment solutions using a customer terminal, such as a mobile phone, have been proposed. In some of these solutions, also known as mobile payment solutions, a customer terminal scans a bar code at the point of sale (POS) to initiate a payment transaction. However, many of these solutions have some flaws related to the processing of the transaction, and related especially to the security and anonymity of the transaction. These known solutions expose the payor to untrusted network elements and require the payor to send confidential information to untrusted network elements. This is of course a security risk and should therefore be minimised.
It is the object of the present invention to overcome the problems related to current transaction processing methods by providing a more sophisticated transaction processing solution that can be applied not only in shops, but for example for online transactions or at automated teller machines (ATMs).